IT tutorials
 
Windows
 

Windows 8 : Sharing and Securing with User Accounts - Using User Accounts (part 1) - Understanding User Account Control

- Windows 10 Product Activation Keys Free 2019
- How to active Windows 8 without product key
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
3/3/2014 2:18:49 AM

Each user account is like its own separate PC. Every user has his or her private Documents, Pictures, Music, and Video folders for storing files. Each user account can have its own Windows apps, e-mail account, and Internet favorites. Each user can customize the desktop, Start menu, and other settings to that user’s own liking.

When you first start your computer, the Windows lock screen appears. Press Enter, swipe up (on a tablet or touch screen), or roll the mouse wheel up to display the sign in screen. You also see the sign on screen when you sign out of your user account. If you click a user account that isn’t password-protected, you’re taken straight into the account. But if you click the picture for a password-protected account, a password prompt appears.

To get into the account, you need to enter the appropriate password. Entering the wrong password displays a message stating the user account name or password is incorrect. You can click OK to try again. You can’t get into the user account until you’ve entered the correct password for the account.

The first time you (or someone else) log in to a new user account, it’s just like starting Windows 8 on a brand-new PC. The desktop has the default appearance. All of the document folders in the account are empty. There is no e-mail account, no Internet favorites, and no Windows apps installed. To use e-mail, the user (or administrator) needs to set up the account with an e-mail account, preferably an account used only by that user.

The user does have access to all the programs installed on the computer (except for rare cases in which someone installed a program for personal use only). The user will likely have Internet connectivity through the same network or Wi-Fi as all other user accounts.

If the user account is a standard account, there are some limitations to what the user can do. For one, Windows settings are not synced with other devices, such as a Windows Phone or tablet. Also, the user cannot make any changes to the system that would affect other users. That’s where Windows 8’s User Account Control (UAC) security comes into play.

Understanding User Account Control

User Account Control (UAC) is the general term for the way administrative and standard user accounts work in Windows 8. As you browse around through various pages in the Control Panel, you’ll notice that many links have a shield icon next to them. For example, if you display the Control Panel and click User Accounts And Family Safety, you see the options shown in Figure 1.

FIGURE 1 User Accounts And Family Safety

image

Items that have a shield icon next to them require administrative approval. Items without a shield icon don’t. For example, any user can change his or her Windows password, with or without administrative approval.

Options that do have a shield icon next to them require administrative approval. But you don’t necessarily need to be logged in to an administrative account to use those options. You just have to prove that you have administrative privileges. You do that by entering the password for an administrative account. When you click a shielded option, a dialog box appears. To prove you have administrative privileges on this computer, enter the password for the administrative user account and click Submit (or OK in some dialog boxes).

Of course, when someone who doesn’t know the administrative account password encounters the User Account Control dialog box, he or she is stuck. Users who don’t know the password can’t go any further. This prevents the standard user from doing things that might affect the overall system and other people’s user accounts. It also prevents children from overriding parental controls.

Privilege escalation in administrative accounts

If you happen to be logged in to an administrative account when you click a shielded option, you don’t need to enter an administrative password. After all, if you’re in an administrative account, you must already know the password required to get into that account. You don’t need to prove that you know that password again. But, by default, you’ll still see a prompt telling you that the program you’re about to run makes changes to the system. You have to click Continue to proceed.

It might seem odd (and irritating) that you still have to click something to get to the item you clicked. But it works that way for a reason. The dialog box lets you know that the program you’re about to run is going to make changes to the overall system. You expect to see that dialog box after you click a shielded option. And with time and experience, you’ll learn to expect it when you do other things that affect the system as a whole, such as when you install new programs.

Sometimes it occurs when you don’t expect to see it. For example, when opening an e-mail attachment, you wouldn’t normally expect to see that message. After all, opening an e-mail attachment should just show you the contents of the attachment, not make a change to the system as a whole. Seeing the warning in that context lets you know that something fishy is going on, most likely something bad in the e-mail attachment. You can click Cancel to not open the attachment, thereby protecting your system from whatever virus or other bad thing lies hidden within the e-mail attachment.

On a more technical note, UAC operates on a principle of least privilege. When you’re in an administrative account, you actually run with the same privileges as a standard user. This is done to protect your system from malware that would otherwise exploit the privileges of your administrative account to make malicious changes to your system.

When you enter a password or click Continue in response to a UAC prompt, you temporarily elevate your privileges to allow that one change to be made. After that change is made, you’re back to your more secure standard user privileges. This is how things have been done in high-security settings for years, and it is considered a security best practice.

 
Others
 
- Windows 8 : Sharing and Securing with User Accounts - Deleting User Accounts
- Windows Server 2012 : Business continuity for virtualized workloads (part 2) - Guidance on configuring the Hyper-V Replica Broker cluster resource
- Windows Server 2012 : Business continuity for virtualized workloads (part 1) - Implementing Hyper-V Replica
- Windows 8 : Sharing and Securing with User Accounts - Creating and Managing User Accounts (part 6) - Navigating through user account pages
- Windows 8 : Sharing and Securing with User Accounts - Creating and Managing User Accounts (part 5) - Changing the account picture
- Windows 8 : Sharing and Securing with User Accounts - Creating and Managing User Accounts (part 4) - Changing a user account type , Password-protecting an account
- Windows 8 : Sharing and Securing with User Accounts - Creating and Managing User Accounts (part 3) - Creating a new e-mail address for a new user account
- Windows 8 : Sharing and Securing with User Accounts - Creating and Managing User Accounts (part 2) - Creating a Microsoft user account
- Windows 8 : Sharing and Securing with User Accounts - Creating and Managing User Accounts (part 1)
- Windows 8 : Sharing and Securing with User Accounts - Types of User Accounts
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
programming4us programming4us
 
Popular tags
 
Video Tutorail Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8 BlackBerry Android Ipad Iphone iOS